In the recent Gartner® report, Innovation Insight for Cloud-Native Application Protection Platforms, the analyst firm highlights the benefits and uses of a CNAPP. With the new category being the most recent in a long line of cloud security solutions to enter the market, you might be wondering: do I really need another cloud security tool?
The answer is yes . . . and no.
According to Gartner, “The most significant benefit of a CNAPP approach is better visibility and control of cloud-native application risk.”
What Is a CNAPP?
A CNAPP is not about adding yet another security tool to your existing arsenal, but replacing disparate solutions with one converged solution. Designed to simplify cloud security, a CNAPP is an appealing alternative to using separate tools such as cloud security posture management (CSPM), cloud workload protection platform (CWPP), Kubernetes security posture management (KSPM), container scanning, and cloud identity and entitlement management (CIEM) solutions.
A capable CNAPP does the following:
- Detects misconfiguration and compliance violations in your AWS, Azure, or GCP estate (as performed by CSPM tools)
- Detects misconfiguration and compliance violations in Kubernetes (as performed by KSPM tools)
- Detects vulnerabilities, security misconfigurations, insecure secret management, and active compromises in cloud workloads, whether they are VMs, containers, or serverless functions (as performed by CWPPs)
- Assesses the permissions configuration of your cloud environment against least privilege and other best practices (as performed by CIEM solutions)
- Scans containers and images as early as possible in the application development pipeline for risks such as security vulnerabilities, hardening, insecure secret management, and more
While the convergence of disparate cloud security tools may seem trivial, the revolution of CNAPPs goes well beyond bundling products together and giving them a sexy name and separate tabs in a dashboard. In fact, organizations should be cautious of offerings that are merely the repackaging of tools into one SKU with no value add. CNAPPs exhibit their real value by intelligently combining data points from different layers in the technology stack to highlight critical security issues instead of just sending thousands of meaningless disconnected alerts.
“By integrating vulnerabilities, context and relationships across the development life cycle, excessive risk can be surfaced, enabling development teams and product owners to focus on remediating the areas of the application that represent the most risk.”
Gartner, Inc., Innovation Insight for Cloud-Native Application Protection Platforms, Neil MacDonald and Charlie Winckless, August 25, 2021
CNAPP: Applying Context to Cloud Security
An enterprise that uses separate CSPM, CWPP, and CIEM tools is likely to have visibility into hundreds of thousands of vulnerabilities, thousands of excessive permissions alerts, and hundreds of exposed services – without any indication of which issues are critical and require immediate attention.
A key benefit of leading CNAPPs is context. A CNAPP looks at risk across the technology stack, including cloud configuration, workload, and identity, connecting the dots to concrete attack vectors. Instead of alerting on hundreds of thousands of vulnerabilities, permissions alerts, and exposed services, a CNAPP can prioritize the one critical attack vector that poses the most significant risk to your business. The result is a higher level of understanding that cannot be achieved with traditional standalone cloud security tools.
Bottom line: With a CNAPP, you can get more functionality with fewer cloud security tools – and finally address the complexity and cost of managing disparate tools.
Gartner recommends companies to: “Evaluate emerging CNAPP offerings as contracts for CSPM and CWPP expire, and use this opportunity to reduce complexity and consolidate vendors.”
Orca Security: A Pioneer and Leader in the Agentless CNAPP Market
Orca’s founders had a mission: to simplify cloud security by delivering a fully integrated platform that can detect and prioritize every important security risk in an enterprise cloud estate while being as easy to install and maintain as a smartphone app. Gartner recognizes Orca as a representative provider for CNAPP and recently named Orca Security a 2021 Gartner Cool Vendor.
Using our proprietary SideScanning™ technology, Orca provides 100% coverage, 100% visibility, 100% of the time, without the gaps in coverage, organizational friction, alert fatigue, and high operational costs of existing vulnerability management, CWPP, and CSPM solutions. Orca leverages its complete visibility of the AWS, Azure, and GCP cloud estate to take a holistic approach to risk – accounting for the accessibility and business impact of a security issue, not only its severity. As a result, the Orca Platform separates the 1% of alerts that demand immediate action from the 99% that don’t, enabling security teams to avoid alert fatigue and ensure that critical alerts are not missed.
A CNAPP like Orca solves the problems of traditional cloud security solutions and finally gives security teams the visibility and coverage they’ve needed from day one in the cloud. With Orca, maintaining a secure and compliant cloud estate is now easier than ever before.